CVE-2018-9363

Public on 2018-11-06

Modified on 2019-10-23

Description

A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report() in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service.

Severity

Medium

See what this means

CVSS v3 Base Score

6.1

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 1	kernel	2019-09-13 22:45	ALAS-2019-1280
Amazon Linux 2 - Core	kernel	2019-09-13 23:13	ALAS2-2019-1281
Amazon Linux 2 - Core	kernel	2019-09-13 23:09	ALAS2-2019-1280

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	6.1	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
NVD	CVSSv3	8.4	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD	CVSSv2	7.2	AV:L/AC:L/Au:N/C:C/I:C/A:C

References

Red Hat: CVE-2018-9363 Mitre: CVE-2018-9363 FAQs regarding Amazon Linux ALAS/CVE Severity